440 results about "Non-repudiation" patented technology

A full-featured e-mail system is used in both Internet-based and client-side (personal computer) forms. In each form, either basic e-mail service is provided to system subscribers or a secure, premium service with authentication, concealment, integrity, and non-repudiation functions for electronic messaging services is provided. In either form and at either level of service, subscribers can work off-line on their own computers with proprietary software loaded or, alternatively, on-line on any computer with an Internet connection. The system is interoperable, to preserve security, with all S/MIME compliant software applications, even for those users not subscribing to a service implementing the disclosed system. Digital certificates can be provided as a security service of the disclosed system, rather than requiring a second source with separate verification procedures. As additional optional features, the subscriber can control compression of outgoing attachment files, rather than having that function absent or operate in some automatic way. Decompression of such file attachments when received occurs automatically for subscribers, without having to invoke a different program or system. Interactive help features, book hierarchy uniformity for messages, accounts, certificates, virus warnings, and dual naming capability are also provided and available to subscribers in both the Web-based and the client-side application forms disclosed herein, and in both basic and premium service levels.

The present invention consists of a secure interactive electronic account statement delivery system suitable for use over open networks such as the Internet. The invention utilizes a certification hierarchy to insure that electronic bills, invoices, and other account statements can be securely sent over open networks. The participants in the system are a certification authority, certificated banks, billers, and customers. The certification authority grants digital certificates to the certificated banks, which in turn grant digital certificates to billers and customers. Digital certificates form the basis for encryption and authentication of network communications, using public and private keys. The certificates associate a customer and biller with a certificated bank and with the electronic billing system, much like payment cards associate a customer with a payment card issuer and a particular payment card system. Digital signatures are used for authentication and non-repudiation. The certificates may be stored as digital data on storage media of a customer's or biller's computer system, or may be contained in integrated circuit or chip cards physically issued to billers and customers. The electronic bill itself may be a simple text message containing the equivalent of summary information for the bill, or may be more elaborate. In one embodiment of the invention, the electronic bill contains a number of embedded links, for example an embedded URL of a biller's world wide web server that allows the customer to interactively bring up detailed billing information by activating the link. The e-mail message may also include links to third party websites.

The method for implementing an Intelligent Content Rating middleware platform and gateway system disclosed herewith provides telecommunications carriers and network operators with the ability to define routing and actions based on HTTP/SIP based content and subscriber context through a powerful, extensible Layer 4-7 switching fabric technology. The invention mediates communications between applications and networks for IP packet flows, personal messaging, location-based services and billing. Furthermore, it enables advanced context-sensitive dialogue scenarios with the wireless subscriber such as, but not limited to, Advice-of-Charge dialogues. The art permits telecommunications network operators and like entities to introduce real-time rating of data services for both prepaid and post-paid subscribers. Further advances in the art include the validation of digital signatures, combined with authentication and non-repudiation techniques to ensure subscriber privacy remains protected.

A signer uses an undeniable signature scheme to sign his public key to thereby create an "undeniable certificate" which can be used to verify the signer's digital signature on any message signed using the signer's corresponding private key. Hence, once the undeniable certificate is received by the recipient, the recipient and the signer engage one time in a confirmation protocol or denial protocol to the satisfaction of the recipient that the undeniable certificate has in fact been signed by the signer thus certifying signer's public key. Thereafter, the recipient can use the certified public key to verify any documents signed by the signer with no further interaction with the signer. However, third parties are precluded from verifying the signer's signature since they do not possess the confirmed undeniable certificate and corresponding public key. Digital signatures can now be verified between two parties using a public key as in traditional digital signatures but which avoids verifiability by third parties.

A portable adapter that provides non-repudiable telecommunications services to bar-code reading hand-held computers and palm-top or tablet-type mobile computers is disclosed. The adapter provides supplemental power supply and processing capacity that supports API communications functions, such as interactive voice recognition, conference calling, data encryption, VoIP packetization and other signal-format conversions that are not implemented on mobile computers. In particular, the device automatically logs IP packet identifiers and DOV dialing and status signals, without the user having access to edit this information, thereby providing a "non-repudiation" record of all communications. The adapter also supports intensive use of the host computer's serial port by supplementing the power available from the host computer's battery, or replacing that battery with a connector. For plant inspection and inventory auditing, ground-based cellular communications are implemented for supporting on-site work, including conference calling to discuss apparent pilferage or imminent safety hazards, and removable WORM recording media for documenting these discussions. For repair shop use, a standard phone jack or 10-base-T connector allows the device to upload engine test-data, with reports or estimates dictated by the mechanic to the repair shop's LAN server. For hospital use, the device includes removable WORM media for logging patient test results and examination reports. The hospital device also uses a dedicated local-area RF or IR transmitter, with location-specific encryption, to protect the privacy of lab reports received by the device, and to limit use of these devices to hospital's own premises.

A system, method and computer program for enabling transactions on a remote basis is provided. The method of the present invention comprises the steps of: (1) providing a first computer at a location of a customer, and providing a second computer at a location of a financial institution, the first computer and the second computer being linked so as to provide a two-way audiovisual communication system; (2) providing an authentication request at the second computer and communicating the request to the first computer; (3) the customer reviewing the request and providing a signature or other writing as an input to an input device connected to the first computer; (5) transmitting the signature from the first computer to the second computer; (6) receiving the signature and providing the signature to a plotting device connected to the second computer; and (7) applying the signature to a transactional document, wherein the audiovisual information received by the second computer and the signature received by the second computer in combination provide a means of transaction authentication and non-repudiation.

Disclosed is a system and method that uses digital signature technology to authenticate the contents of one or more manifests located on a storage device. Each manifest contains a list of file records, where each record contains the name of a file stored on the storage device, and a signature value derived from the contents of the file. At boot time, the gaming machine first authenticates the contents of the manifest and then authenticates the contents of the files using the signature value stored in the manifest. Files are verified using the signature, as they are needed, during the boot up of the operating system and throughout normal operation. This method reduces the boot time of the gaming machine and eliminates the need to check digital signatures for each individual file or over the entire contents of a non-secure media. Similarly, a method of adding authentication ability to legacy software components without necessarily altering the legacy software components is disclosed. Introduction of a stronger authentication algorithm, or when a private key has been compromised would normally require the software component to be re-built to support the new algorithm or private/public key pair; however, a method is disclosed where algorithms and key pairs may be changed and applied to legacy software without having to re-built, re-test, re-sign, or re-submit the component to regulatory agencies for approval. Also disclosed is a system and method of establishing a trusted environment containing a gaming operating system and associated authentication module, file system drivers, and/or network drivers that may be used to in the process of authenticating contents of one or more manifests located on a storage device.

Systems and methods for pseudonymous public keys based authentication are described that enable an authentication to achieve pseudonymity and non-repudiation, for example, at the same time. Pseudonymity may provide, for example, that a user can show to different parties different digital identifiers for authentication instead of, for example, always using a single digital identifier everywhere, which may lead to a breach of privacy. Non-repudiation may provide, for example, that the authentication data at the server side can be used, for example, to verify a user's authentication request, but not to generate an authentication request, which might lead to user impersonation. A user may use a physical token to generate the authentication request corresponding to the user's identity to pass the authentication.

A method for electronic commerce using a security token and an apparatus thereof are provided. The electronic commerce method using a security token comprises a transaction approval institution generating a security token based on a security assertion markup language (SAML), using credit information of a purchaser who requests to issue a security token, and transmitting the security token to the purchaser; the purchaser writing an electronic signature on an order and transmitting the order together with the security token to a seller; the seller verifying the received order and security token, and then delivering goods according to the order to the purchaser; and the transaction approval institution performing payment for the seller and the purchaser. The method can solve the problems of personal information leakage and privacy infringement that may happen when a purchaser sends his personal information to a seller for electronic commerce. Since the token is one-time-use data, even if a security token sent is counterfeited or stolen, the loss can be minimized. In addition, by writing an extensible markup language (XML) electronic signature in the security token, authentication, integrity, and non-repudiation for a transmitted message can be guaranteed and through simple object access protocol (SOAP) security technology, confidentiality is maintained.

Embodiments of the invention may use a first accelerometer to measure first acceleration data of a first device. Other interaction data, including time data and geographic location data, generated by the first device may also be recorded. First acceleration data is compared by a remote server computer to second acceleration data generated by a second accelerometer in a second device. If the first and second accelerometer data are substantially equal, it can be determined that the devices have interacted and communications can be initiated. After communications are initiated, a financial transaction is conducted. Accelerometer data may be stored and/or used as part of the authentication process in a payment processing network. Other embodiments of the invention use the accelerometer to generate movement security data to make financial transaction more secure. Accelerometer data is used for authentication, security, encryption, session keys, non-repudiation, or fraud protection.

Provided are a mobile extensible Markup Language (XML) signature service providing apparatus and method. The mobile XML signature service providing apparatus includes: an XML message analyzing unit authenticating a mobile client, according to an XML signature template generation request or an XML signature verification request received from the mobile client; an XML signature processor generating an XML signature template and a SignedInfo element in a canonicalized format if the authentication is successful, and verifying an XML signature; and an encoder providing key information and at least one setting value for the generation of the XML signature template and verification of the XML signature, to the XML signature processor. Therefore, the mobile XML signature service providing apparatus and method provide authentication, integrity, non-repudiation, etc. with respect to messages received/transmitted in a wireless environment, are applied to a wireless environment having limited resources, are compatible with an XML signature for an existing wired environment that is to be applied to wired-and-wireless integration electronic commerce, and minimizes a change in an existing wired environment when a mobile XML signature is applied.

A secure method for sending registered, authenticated electronic documents. The invention validates sender and recipient identities, provides for non-repudiation of authenticated documents by sender and recipient, provides an evidence trail, and protects the integrity of the document. The invention is constructed so that a sender can be supplied with proof that the intended recipient received and opened an authenticated document. A neutral third party acts as a document registration agent, and witness to the transmission and receipt of the authenticated document. In the event of a dispute between sender and recipient, the third party can provide an irrefutable record of the contents of the document and of the history of the transmission and receipt of the document Because the third party never has possession of the electronic document, the method provides maximum privacy for sender and recipient. The method is readily adaptable to both key recovery and key escrow.

The invention relates to a cloud manufacturing service transaction information recording system and method based on a block chain. The system comprises a plurality of book keeping nodes; a plurality of book keeping nodes are communicated with each other to form a recording node network; each book keeping node comprises a book keeping information database, a transaction block chain database, a book keeping permission competition module, a transaction information abstract generation module, a transaction block chain generation module and a transaction block chain updating module; the method is applied to the recording node network; recording node network comprises a plurality of book keeping nodes communicated with each other; each book keeping node contests for book keeping permissions in different book keeping periods in a competing mode; and the method comprises a transaction information recording process and a transaction information inquiry verification process. Compared with the prior art, according to the cloud manufacturing service transaction information recording system and method disclosed by the invention, a data recording method and a data structure in the cloud manufacturing service transaction process are improved, and non-repudiation and inquiry verification of transaction can be conveniently implemented.

A system, method, and computer program product for authenticating a requestor using a previously-stored biometric print. Records are stored in a database, where each record contains a previously-stored biometric print corresponding to an individual and is disassociated from an identity of the individual. An identifier and a biometric sample are requested from the requester. The identifier is then used to locate one of the plurality of records corresponding to the requestor. The requestor is authenticated if the biometric sample matches the previously-stored biometric print.

A server executes a protocol that automates transactions involving a customer and a merchant agreeing to trade money in the customer's account for goods or services available from the merchant. The protocol protects personal identifying information of the customer from disclosure to the merchant, and protects all parties from repudiation of the specific transaction. The protocol defines a pre-authenticated form of the specific transaction; obtains authorization from the customer and the merchant to commit on their behalf to the pre-authenticated transaction; and obtains authorization from the bank to commit resources for settlement with the merchant. After obtaining authorizations, a transaction clearance code is generated completing a record of the pre-authenticated transaction for non-repudiation, for proof of a right to receive settlement from the third party and for proof of a right to receive the goods or services from the merchant.

A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.

The invention discloses an electronic evidence preservation system based on a block chain subliminal channel technology, which comprises a client, a server, an auditing terminal and a network terminal, and is characterized in that the client is used for performing off-line acquisition and processing, online management and evidence collection on a user electronic evidence; the server generates an existence proof for the evidence and performs hosting and recovery on the chain evidence according to a user address; the auditing terminal is used for auditing the chain evidence, generating a corresponding transaction on a block chain and constructing an auditing proof so as to main the integrity, the timeliness and the non-repudiation of an auditing result; and the network terminal is used for performing state synchronization and real-time evidence collection on the user evidence on the chain. The system can dig a cryptographic basis of the subliminal channel preserved electronic evidence and the auditing result thereof in a mature block chain system, thereby realizing safe processing and hidden preservation for the electronic evidence, thus improving the safety and timeliness of electronic evidence preservation, and effectively reducing the preservation cost.

The invention relates to a blockchain-based electronic evidence storing method and system and a blockchain-based electronic evidence verifying method and system. The electronic evidence storing methodcomprises the steps of after an evidence storing person passes the identity authentication, forming an evidence storing data set according to an electronic evidence set formed by evidence collection,the identity information of the evidence storing person and an evidence storing time stamp; signing the evidence storing data set and submitting to a blockchain system by the evidence storing person;and generating a two-dimensional code through a smart contract, wherein the two-dimensional code comprises the certificate data set, the signature of the evidence storing person, the relevant information of an evidence storing transaction in a blockchain and a URL (Uniform Resource Locator) address pointing to the evidence storing transaction. The electronic evidence verifying method comprises the steps of after an evidence verifying person passes the identity authentication, scanning the two-dimensional code to view the relevant information; clicking on the URL to view the evidence storing transaction; and carrying out the consistency comparison of the electronic evidence set. The methods disclosed by the invention have the beneficial effects that the supporting information is added intothe electronic evidence set and the applicability of the electronic evidence is guaranteed; the storing of the electronic evidence set is carried out through the blockchain system and the tamper resistance of the electronic evidence is guaranteed; and the legality and the non-repudiation of the operators are guaranteed through the signature verification of the evidence storing person and the evidence verifying person.

The invention relates to a safety isolation file transmission control method, in particular to a file transmission control method between taxation network safety isolation systems. A transmission control system comprises an external network isolation firewall, an external network control end, an external network transmitting end, an external network receiving end, an internal network transmitting end, an internal network receiving end, an internal network control end and an internal network isolation firewall. A computer system, a virtual machine system and the isolation firewalls are combined to achieved a relatively universal safety data transmission manner, safe and reliable bidirectional data transmission is achieved by the control method with a special safety protocol, confidentiality, completeness and non-repudiation during information transmission are achieved by safety techniques such as data encryption, digital signatures and information authentication codes, data exchanging performance is increased while safety of internal and external network systems is guaranteed, and the whole system can work reliably and stably.

The invention provides an achievement method of a certificate-less public key cryptosystem without bilinear pairing operation and belongs to the field of information safety. The achievement method is used for solving the problems of generation of a secret key of a user, usage and authentication of a public key of the user. According to the achievement method, firstly, a user sets a secret value and calculates a temporary public key, then a secret key generating center generates the other part of the secret key for the user and enables the two parts to be bound, and finally the user synthesizes a his/her actual public and secret key pair. The defect that public key replacement and signature counterfeit possibly exist in a common certificate-less cryptosystem is overcome, the user has complete control right on the secret key, the secret key can be revoked and re-generated, and the signature of the user has non-repudiation. The achievement method adopts a public key cryptographic algorithm of a standard elliptic curve, does not adopt the bilinear pairing operation, is few in occupied resources and high in safety and can operate without the secret key generating center when being applied to signature, authentication and secret key negotiation. By means of the achievement method, identity authentication, communication security and non-repudiation application demands of large-scale systems and low-power-consumption devices can be met.

A method to secure unique information about a handwritten document and to provide verification of document's authenticity, integrity and non-repudiation. The method includes the following steps: creating a document having an area of interest containing information, segmenting the area of interest on the document into a plurality of elements, obtaining the average gray scale of each element, inserting the average gray scale of each element into an identifier, and attaching the identifier to the document.

The invention discloses an Internet of Vehicles distributed authentication method based on controllable privacy, relates to the field of vehicle network communication safety, and specifically relates to an Internet of Vehicles distributed authentication method based on controllable privacy. The method specifically includes five following steps: system initialization; private key update of fake names and a part of signatures; message signature; message authentication of signatures; and real identity tracking and revocation. According to the method, the double hash chain is employed to establish the fake names, the communication cost for invalidating a vehicle identity is irrelevant to the numbers of the fake names and a part of the signature private keys of the vehicle, a vehicle user can update multiple parts of signature private keys by the adoption of one authorization, and the burden of trusted authority (TA) and road-side units (RSU) is reduced; when a message with a controversial signature occurs, the TA can distinguish whether the signature is forged by the RSU according to re-signature of the message uploaded by the vehicle, and the problem of non-repudiation in the distributed environment is solved. According to the method, the security is high, the cost is low, and the method is applicable to node high-speed movement, topology structure volatility, and large-scale VANET network.